Guard privileged pull_request_target workflows from fork PRs

[Copilot]

📌 Fixes

---

📝 Summary of Changes

• Two privileged workflows were callable via pull_request_target without restricting execution to same-repo PRs, leaving fork PRs able to trigger jobs with write-scoped permissions.
• Added an explicit fork guard to both affected jobs so pull_request_target runs only when the PR head repo matches github.repository, while preserving workflow_dispatch and other non-PR-target triggers.

if: github.event_name != 'pull_request_target' || github.event.pull_request.head.repo.full_name == github.repository

---

Changes Made

• Updated .github/workflows/ai-fix.yml to block fork-originated pull_request_target executions on the ai-fix job
• Updated .github/workflows/copilot-automation.yml to block fork-originated pull_request_target executions on the copilot-automation job
• Fixed the write-permission exposure path called out in the security report without changing the reusable workflow wiring
• Added tests for these changes (not applicable for this workflow-only change)

---

Checklist

Please ensure the following before submitting your PR:

• I have reviewed the project's contribution guidelines.
• I have performed a self-review of my changes.
• I have written unit tests for the changes (if applicable).
• I have updated the documentation (if applicable).
• I have tested the changes locally and ensured they work as expected.
• All CI checks are passing.

Security Considerations

If this PR modifies any security-sensitive files, confirm:

• Dockerfiles — verified base images, avoided running as root
• Kubernetes manifests — checked RBAC permissions and secrets handling
• CI/CD workflows — inspected for command injection or credential exposure
• Dependencies — validated new packages, checked for known vulnerabilities
• Security configs — changes align with project security policies

Leave unchecked if not applicable. See CONTRIBUTING.md for details.

---

Screenshots or Logs (if applicable)

---

👀 Reviewer Notes

• This is a narrowly scoped workflow hardening change only.
• The reusable workflow refs remain on @main; SHA pinning is intentionally left to the separate tracked issue.

[netlify]

❌ Deploy Preview for kubestellar-docs failed. Why did it fail? →

Name	Link
🔨 Latest commit	d08198c
🔍 Latest deploy log	https://app.netlify.com/projects/kubestellar-docs/deploys/6a339db7829f18000813d959

[kubestellar-prow]

Hi @Copilot. Thanks for your PR.

I'm waiting for a kubestellar member to verify that this patch is reasonable to test. If it is, they should reply with /ok-to-test on its own line. Until that is done, I will not automatically test new commits in this PR, but the usual testing commands by org members will still work. Regular contributors should join the org to skip this step.

Once the patch is verified, the new status will be reflected by the ok-to-test label.

I understand the commands that are listed here.

Details

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository.

[kubestellar-prow]

[APPROVALNOTIFIER] This PR is NOT APPROVED

This pull-request has been approved by:
Once this PR has been reviewed and has the lgtm label, please ask for approval from clubanderson. For more information see the Code Review Process.

The full list of commands accepted by this bot can be found here.

Details

Needs approval from an approver in each of these files:

• OWNERS

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

[kubestellar-prow]

Thanks for your pull request. Before we can look at it, you'll need to add a 'DCO signoff' to your commits.

📝 Please follow instructions in the contributing guide to update your commits with the DCO

Full details of the Developer Certificate of Origin can be found at developercertificate.org.

The list of commits missing DCO signoff:

• 3f79a5f Initial plan
• d08198c fix: guard privileged PR target workflows

Details

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository. I understand the commands that are listed here.